Testing Secure Texting for HealthcareDirectTrust CEO David Kibbe Discusses New Efforts Underway
DirectTrust is beta testing a new version of its Direct protocol for secure email messaging that can support secure texting and "chats" involving health information on mobile devices, says David Kibbe, M.D., the association's president and CEO.
"We are making slow but steady progress in the development of a [Direct-based] protocol for texting, or online chat, that is the analogue of the Direct protocol for online messaging," he says in an interview with Information Security Media Group during the HIMSS 2016 Conference in Las Vegas.
DirectTrust is a not-for-profit trade association that created and maintains the security and trust framework for using the Direct Project protocol, which offers a way to meet the secure data exchange requirements for the HITECH Act electronic health record incentive program.
The Direct messaging protocol provides specifications for a secure, scalable, standards-based way to send encrypted health information directly to known, trusted recipients over the Internet. The current version of the protocol facilitates the simplest form of health information exchange involving secure email. Leveraging the Direct protocol for data exchange requires the use of a Health Internet Service Provider, or HISP, and a certificate authority.
A new version of the protocol for use in secure texting or online chats "is in beta testing with several HISPs, the idea being that if you as a user have a Direct [email] address, you will be able to acquire from that HISP an account for online texting at the same time," he says.
"And that would afford the same kind of interoperability between organizational and IT systems that the Direct messaging has provided. We're very cautious. We need to make sure there's a demand for that, but we think there is. Doctors, nurses, everyone involved in healthcare wants to use their smartphones, and they want that ability of moving messages to be online, real-time and more of a conversation rather than asynchronous messages."
Kibbe says he's "cautiously optimistic" that the Direct-based texting will come to fruition in 2016.
In the interview (see link to audio below photo), he also discusses:
- The importance of a recent agreement between DirectTrust and the Federal Health Architecture for a new Governmental Trust Anchor Bundle. A trust bundle is a collection of anchor certificates from HISPs. The Federal Health Architecture is an initiative designed to bring together the decision makers in federal health IT for interagency collaboration. The new government trust anchor bundle will enable as many as 23 federal agencies, including the Department of Defense, Veterans Administration and the Centers for Medicare and Medicaid Services, to begin using Direct messaging for the electronic exchange of health information with private sector healthcare providers.
- How the Direct messaging protocol fits into a new "interoperability pledge" that has been taken by dozens of large vendors of electronic health record systems and healthcare organizations to help advance secure health data exchange.
- His biggest privacy and security worries surrounding Internet of Things devices in the healthcare sector.
Kibbe, a physician, is founding president and CEO of DirectTrust. He is also senior adviser to the American Academy of Family Physicians. Kibbe in 2014 was named a top 10 Healthcare Information Security influencer by Information Security Media Group.
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.